With the configuration in place, starting the server is simple, as shown below. Modify the -config flag to point to the proper path where you saved the configuration above. Vault outputs some information about its configuration, and then blocks. This process should be run using a resource manager such as systemd or upstart.

However what they have missed to document is the start up script for RHEL7/CentOS7 systemd. Here is the start up script that can start vault automatically.

So how do you validate a public key programmatically? I’ve had this question when I had to implement a feature in one of our application. It is possible using the ssh-keygen utility.

ssh-keygen -lf publickey.pub

Here,

-l Show fingerprint of key file.
-f filename Filename of the key file.

The hack is to check the fingerprint of the public key. If you get an error when trying get the fingerprint of the public key, that means the public key is invalid. If you get it, you have a valid public key!

If you have ever had a chance to use a PHP active record class for MySQL, you would notice that most of them don’t support complex where statements. I’ve had a chance today to address this feature request that I was received from a user of my PHP MySQLi wrapper class.